THE NEXUS

Digital Currency and the Need for Trust

By
Mark B. Cooper

The Nexus | Monday, 12 November 2018

For the first time in modern history, our civilization is on the verge of a new concept in monetary transactions with cryptocurrency. Cryptocurrency could be hugely disruptive to many industries and could completely change money transfer services industries, but trust must be the cornerstone before it can gain wide acceptance and be legitimized. The historical concepts of trust, integrity, and the validation of people and identities also need to evolve.

Cryptocurrency is quietly skyrocketing. Today, there are more than 2,000 cryptocurrencies, according to the Digital Currency Group,1 and the total value of all cryptocurrencies grew to more than US $600 billion in 2017 alone.2 The production of this new digital currency is turning physical currency on its head.

Cryptocurrency is innovative, presenting new challenges with still much to learn about its structure and legitimacy. With no central authority or central bank to oversee cryptocurrency, users are in the midst of a gold rush—mining for gold with few rules and many ups and downs. Current blockchain systems do not require personal or corporate identities, so where does that leave users relative to trust and identities? This is especially pertinent as the real-world technology environment includes cyberthreats, bad actors and dishonesty. It is necessary to redefine how to determine trust. Better identity management and encryption technologies must be in place for cryptocurrency to move to the next level.

“It is rare that a new currency is born, and it is almost unheard of for a currency to have value with no pledge behind it, for example, the sovereign commitment of a government or a rare commodity such as gold.

Society has always determined fiduciary trust based on thousands of years of physical currency experience. It is rare that a new currency is born, and it is almost unheard of for a currency to have value with no pledge behind it, for example, the sovereign commitment of a government or a rare commodity such as gold.

Why Regulation and Identities Are Needed to Legitimize Cryptocurrency

Regulation may be the only thing that moves cryptocurrency out of the speculation arena and into commerce. Businesses and individuals need confidence that a currency will not lose half of its value overnight. Identity management and encryption technologies must be matured and deployed to protect these currencies.

Financial institutions are highly regulated, and banks know that employees need to be supervised and processes implemented to manage and audit money handling (e.g., bank vaults, balance sheets, registers, receipts). Banks also know that they can place US $5 million in cash in a safe and, due to the currency’s size and volume, a “trusted” employee cannot walk out with it in a bag. Or, if money is placed in a home vault or someone buries gold, the burden to find it and steal it is fairly onerous.

Consider the US Drug Enforcement Agency (DEA) investigation of Silk Road on the dark web. After bitcoin was seized in the investigation, the DEA lead agent and a US Secret Service agent then stole the currency from the agency. Did this occur because the digital currency was new, misunderstood and hard to trace? Or was it because no large bags of currency had to be removed from an evidence locker? At the time of the sentencing, the value of the bitcoin stolen by the agent would have been worth more than US $11 million. How do users determine if new levels of vetting, trust and policies are needed in order to place trust in others?

With the rise of cryptocurrency, the perception of the notion of trust is also changing. Will cryptocurrency change the perception of trustworthy persons? Is it advisable to redefine and profile how personnel with digital currency are investigated and controlled? With digital currencies easier to steal, will more insider theft occur? The world is in the midst of a global shift with potentially life-changing impact.

Mark B. Cooper

Is president and founder of PKI Solutions. He has deep knowledge in all things related to public key infrastructure (PKI) and has been known as “The PKI Guy” since his early days at Microsoft. PKI Solutions Inc. provides consulting, training and software solutions for Microsoft PKI and related technologies for enterprises around the world. Prior to founding PKI Solutions, Cooper was a senior engineer at Microsoft, where he was a PKI and identity management subject matter expert who designed, implemented and supported Active Directory Certificate Services (ADCS) environments for Microsoft’s largest customers.

Subscribe

ISACA®, the Cybersecurity Nexus™ (CSX) Mark, and ISACA's Cybersecurity Nexus™ (CSX) products, certifications, and services are not affiliated with CSX Corporation or its subsidiaries, including CSX Transportation, Inc.

Login

Use your ISACA login

WelcomeRob

We have updated our privacy and communication preferences

I acknowledge that my use of this feature, service or product is subject to the ISACA Privacy Policy and Terms of Use. By providing my information, or using this feature, service or product, I acknowledge that I have read, understand, and agree to the terms of the ISACA Privacy Policy and Terms of Use.ISACA has changed its privacy notice, to access the revised, click here. By continuing to use the site, you agree to the revised notice and Terms of Use.

Yes! I would like to receive by post, e-mail and/or telephone marketing information from ISACA and its affiliates about ISACA and its affiliates and their products and services, and other information in which ISACA and its affiliates think I may be interested.

By pressing Proceed, I understand and agree that the information i have provided will be used as described in the ISACA Privacy Policy. By pressing Get Temporary Access, I further agree to the website terms and confirm the information i have provided is my own.